Florida Gastroenterology Practice Settles Data Breach Class Action Complaint
Gastroenterology Associates of Central Florida PA, which does business as the Center for Digestive Health, has agreed to settle a class action lawsuit stemming from a data breach discovered in April 2024.
A security breach was identified on April 11, 2024, and the forensic investigation confirmed unauthorized network access and data exfiltration. The affected individuals had received services from the Center for Digestive Health or the Center for Digestive Endoscopy, and the HHS’ Office for Civil Rights was notified that 121,693 individuals were affected. Complimentary credit monitoring and credit score services were offered to the affected individuals, who were notified by mail in February 2025.
Class action lawsuits were filed in the Orange County Circuit Court in Florida by plaintiffs Donald Cobean, Kimberly Leszczynski, Lyla Natal, Catherine Sanders, Wanda Moyano, Sharon Hoffmann, and George Hoffmann, individually and on behalf of similarly situated individuals. All parties agreed that Broward County was a more appropriate location, and the six lawsuits were dismissed without prejudice and refiled as a single class action complaint – Cobean et al. v. Gastroenterology Associates of Central Florida, P.A. in Broward County. The complaint asserted claims of negligence, breach of implied contract, invasion of privacy, unjust enrichment, and breach of fiduciary duty.
The defendant denied and continues to deny all claims and contentions in the litigation; however, agreed to settle the case with no admission of wrongdoing or liability to avoid the litigation costs and expenses, distractions, burden, expense, and disruption to business operations associated with further litigation. The total value of the settlement was not disclosed. The settlement agreement covers attorneys’ fees of up to $300,000, litigation expenses, settlement administration costs, and service awards of up to $2,000 for each of the seven named plaintiffs. The settlement covers the cost of claims for reimbursement of losses, cash payments, and credit monitoring services.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
All class members may submit a claim for two years of credit monitoring services, which include a $1,000,000 identity theft insurance policy. A claim may also be submitted for documented, unreimbursed, ordinary losses fairly traceable to the data breach up to $2,000 per class member. Ordinary losses include bank fees, long-distance phone charges, cell phone charges, data charges, postage, and fees for credit reports and credit monitoring services. Claims may also include up to three hours of lost time at $25 per hour. Claims may also be submitted for documented, unreimbursed extraordinary losses up to $7,500, which can include losses due to identity theft and fraud.
The settlement has received preliminary approval from the court, and the final fairness hearing is scheduled for October 13, 2025. Class members wishing to object to or exclude themselves from the settlement have until September 15, 2025, to do so, and claims must be submitted by September 29, 2025. The class was represented by Mariya Weeks of Millberg Coleman Bryson Phillips Grossman, and Jeff Ostrow and Kristen Lake Cardoso of Kopelowitz Ostrow P.A.
